chayleaf/dotfiles
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

router: misc dnat changes

Browse source
This commit is contained in:
chayleaf 2024-02-01 07:33:12 +07:00
parent 36ab46439a
commit bef5b3f86d
Signed by: chayleaf
GPG key ID: 78171AD46227E68E
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
system/hosts/router/default.nix
View file

@ -749,7 +749,7 @@ in {
# SSH
[(is.eq meta.l4proto (f: f.tcp)) (is.eq tcp.dport 23) accept]
# wg1
[(is.eq meta.l4proto (f: f.udp)) (is.eq udp.dport 854) accept]
[(is.eq meta.l4proto (f: with f; set [ udp tcp ])) (is.eq th.dport (set [ 854 855 ])) accept]
];
};
};
@ -935,7 +935,7 @@ in {
socketNamespace = "wan";
peers = lib.flip lib.imap0 cfg.wgPubkeys (i: publicKey: {
inherit publicKey;
allowedIPs = [ "${addToIp parsedAddr4 (1 + i)}/32" "${addToIp parsedAddr6 (2 + i)}/128" ];
allowedIPs = [ "${addToIp parsedAddr4 (1 + i)}/32" "${addToIp parsedAddr6 (1 + i)}/128" ];
presharedKeyFile = "/secrets/wg1/wg_psk${toString i}";
});
};